Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

recorder.exe

windows7-x64

7

recorder.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$SYSDIR/$D...þ.url

windows7-x64

6

$SYSDIR/$D...þ.url

windows10-2004-x64

3

$SYSDIR/MMUTIL32.dll

windows7-x64

1

$SYSDIR/MMUTIL32.dll

windows10-2004-x64

1

$SYSDIR/lame_enc.dll

windows7-x64

3

$SYSDIR/lame_enc.dll

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

help.chm

windows7-x64

1

help.chm

windows10-2004-x64

1

order.url

windows7-x64

6

order.url

windows10-2004-x64

3

recorder.dll

windows7-x64

1

recorder.dll

windows10-2004-x64

1

recorder.exe

windows7-x64

1

recorder.exe

windows10-2004-x64

1

web.url

windows7-x64

6

web.url

windows10-2004-x64

3

yun.url

windows7-x64

6

yun.url

windows10-2004-x64

3

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    20/06/2024, 11:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    order.url

  • Size

    278B

  • MD5

    3f969904a1066b788b1c6566257985fc

  • SHA1

    293b6c0106a15c635c12f1c9d452f3f1b2d7c864

  • SHA256

    433e7f912c4e1f6ca500894c5d5dc9d338153261f89e89337f9227842596a3cc

  • SHA512

    82ab2e331342c346f645c7b56ea7ebf7b78c46e8cfadd5fa9db0cc86383a775998ccb2da923c46f5b769c90aef9ae72f6174b9e5bce8dfa1d7e564b4075e30dc

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\order.url
    1⤵
    • Checks whether UAC is enabled
    PID:3008
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2800 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37d861e9db60ffd62d0967dc6b37fc4b

    SHA1

    7e0ba35ec875bb08ba4d2d398a3d5ac5479bf8ef

    SHA256

    cfb042513a14475eeaf2aa6623399099e24a0c3f7ae2fbc4f6b94dc26c36bd1d

    SHA512

    e30715f361dfaabc6ecc10f26b253665bfa02d5964727545a5c27cc14e463355b4f264f21693002a3ea6c73c037269f08444ea4cc873edf24405c7a45dbb715d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c73ba90864491809ffee34fe74e0e7f

    SHA1

    9f218df3ebe299b596599555d3c043f8349ba487

    SHA256

    97c083754857577140382cfed003f208222768ab894e97b730c81b7a76fd0090

    SHA512

    a1e7733d350711a44d6df5fd80dee5fccaab2b175890fc24b066f82c66c1ec7ad469c9727a9192307edb252c09ef142e1e5b125a6e9944e896c8c169f51b3637

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a2c2f3c4f15f671d18b8d70c6162e52

    SHA1

    9e5e7d69b962ca5526288dc0e7bfc53e9d774eb9

    SHA256

    ac45cb03995908e8d2be7459686111dc610d9d708b10fc0c121a56137b27c794

    SHA512

    7e696bf4244405f859b724d350a16a7d328afcf68480fe5e04334cea41fb6dc41d67e364c1d2ce29a143da7652e5810580dcbdd786b1e4e5acf133a38facab63

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f56660dcd1a7a8faf0c8b02bba57ec38

    SHA1

    3e095c23b80d7db57ede88fcd1ff7c64112229a5

    SHA256

    76fdadc342ba3090682ab44f3f906f960b862e186950477b30603a23e404f7bd

    SHA512

    87071a05d57e42de419253112864392517b449b6d880d683f32062dc56c284326262c5ef277617d706faa53ad1392c9d835f9e42ddc70d8e720654fa5870082b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b06b063e167097eb8c9c076d253622d8

    SHA1

    0246fc7689daac54bcd0d8ae19cf634ed895a549

    SHA256

    28d8b765059ea2ce142bfc95f07e14d7ef92d4465465d3fcefd2d6716e91492c

    SHA512

    80c84db98f10ab41767507c3e83264f1a34c94a39b1e854566c699a04268e78a42bac131575febdc640efa1805288bcb75c818af4a2730c9701ce5cfd597a163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64df265f9d347c6d50c5997213a48dff

    SHA1

    e0b1ec648136937ee26f737b6eb8bbabba04527a

    SHA256

    b75046ad07d2acd36f127d147dc77673f92e81cb522cd2ec9f16ee80c97e86e7

    SHA512

    d60f2359858235c6b9d5a1714f8382cf92e8b8e4448f92623fb7e2c7d63f4b0131e44354502bb841d4881daa5303b60b868e2a39bd97189ce7bc662fd9a7d45b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05b6de93f6dd2dc7ac73ed540611f33b

    SHA1

    caa291468c7a7ab3035fd219a7ae914df3612196

    SHA256

    3219af34afd3f154888e2590ccffd00ae1a4c1b67760157a31b051c2f0b68a18

    SHA512

    74c828a83c660399efb48b02284e3d2e65072eb8454f2f32ea66d0e2d2b5d14d03903cc29ddf77da4e3f0d62ec875a3972d42095be2fabe973069ac9bdf52b77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da7ba863e138861173585431ba85592d

    SHA1

    2b8f53ba8aaa97d37a2447aa56c79a76c4b1e2c5

    SHA256

    6c11b7e03e84e3a48161a7024d9d6552a9cf5667603b0e17bdf5beeff21edba8

    SHA512

    e4ac640702968549a6f317c062a87ce648c457732104b21338e5225fb02be5cdce1dce3a2e200643ebacb5f434062f29e718f2aca1f6e47ea4995f4e1c9b3886

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    db012c8decf34823d8a986dd24847fc1

    SHA1

    6016031775cb18cf1e2077e0271d30e1fbd8241f

    SHA256

    25f6647e70549546edc466253c711f4d86d2c9fcad9c0574f6fcf3ed8089b1fa

    SHA512

    c858f9ccf6b36a7973f37d8bd0861a3ee84c6f88b8ed956372acc35847377738e4e0fe8e8b2e870994c2e705a1819b21db30bb2bf9f7b670c59c6fff6766609d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1828b06dd085fe745c2790fb5313e4d9

    SHA1

    7f80d699bf73a2391a9e47d7ab91ede288adc91c

    SHA256

    944c9bb76b88bd73658ecca07d3803bea934f3519df03e272da1dbb1fae60c82

    SHA512

    e3af8a00dbf98c00221a728596f8779056c6d3536a70a69b6032fea0487ff5340b3d960a6fa7d052811079e2a2cbdd64f7f6e5aa4b0ba505dc33582256156c04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    323881204ecaf5727aee63619c693731

    SHA1

    45168d150a0bac814d0245850af4a3933b1431c8

    SHA256

    4c6b363e542bb7178914c6b358553b6497c1adaff0ddcb602530561db657aac1

    SHA512

    221f7a43e116336ac68e5b97a0d137f7661594204eafc659e4aa457714254d2ca2c9cc2a588500e5ebe7f2d2e7a0480874c447b6003fa608f7a2bb1cb7df2a4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66fc3f1d5d9e0a92619877898e5de4fe

    SHA1

    4c6ab51c76450d8e11ad623fa0415c39e8173a21

    SHA256

    16cf3f6c252e3e8401d20c17d8d491b4f17f40275e90cd0ee626a730d35e056a

    SHA512

    1254dc90b968def5377e5cc42b0a5dab6183dc29684c01afd8c1aebf66a9e29ef2f11ee34a8bced8d22a1cd75b206e2826c2a7fd451961a91192107b86c002b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e462429f5179fbf5940e2f665a8d9edf

    SHA1

    2b6426a31399d6e830fa749084b109e3a1e98faf

    SHA256

    9606c7fdff975c6fdcae53ea501fac08f8c4a7a5952a4f7c5ad4bf32645f5f5f

    SHA512

    9661d81460f0e0363eb02b9a7155e267816a7d6c89ee4976495220a7b0c00996ad457790745cc69c610fe8a6850d5128119170d1ea4082a57bc40b00f44f27f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3cdaa65b6903b30afffc94b3bd8013fb

    SHA1

    7c253a37af102404281f3c15491f7050811077e1

    SHA256

    4ae2da7117d62d511b64ab09347fb1556d013f75cf52601819240d8f79ea0af1

    SHA512

    6582b1c1dfdda841337331cf61b225ba4b3fc6590f143500e66a7e2f418fb851e2f494273ca59783f1f05dcf10e489779e58334a4296ed13d258a7c01878a45d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fcefd67af4492f88caca8e56835d3bc8

    SHA1

    66f8a08f9d9802c7a45bc6f5f6f2cbd2e4d208a7

    SHA256

    4c79f16099ffc22f5cbf6f8dca6826bae0f86f20e56bc647187c1bc1ba23af4b

    SHA512

    c5c1512e2a795ff87fdfe1a14fff502aa14e25a220826d3b027f71be38cef688ce4010412a3d006c90d1d4233595b33533a3e88d514ae0f8752c7e5331d5f303

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba3b4a73439a6823b64dd41fc9c73e2b

    SHA1

    70d38d47e164252d8dad135a46a90ca6697a38e0

    SHA256

    b69ca1382157c61372730885e3122f475381c3badf43ff3ddadd8ee12ebaadeb

    SHA512

    4e39fac4d10f8e3c5a815e962f93726957ffc5efe5808c739f4f07fb7ad195bd5417555986afeaa0cfcc3dd1a8923943020ed720b5e88ab7ec6bb0df7993e651

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDB81.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDC12.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDC36.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/3008-0-0x00000000001E0000-0x00000000001F0000-memory.dmp

    Filesize

    64KB

    Download